On one of Russian forum security vulnerability is discussed in
Microsoft Windows (Windows XP is tested). A vulnerability is caused by
memory corruption is string beginning with "\?\" is send thorugh
MessageBox API with MB_SERVICE_NOTIFICATION flag. It looks like some
"debug" feature not cleaned out in final release and it seems to
exploitable to code execution at kernel level. Code example below: